Versana

Security Engineer

Versana

full-time

Posted on:

Origin:  • 🇺🇸 United States • New York

Visit company website
AI Apply
Apply

Salary

💰 $100,000 - $120,000 per year

Job Level

Junior

Tech Stack

AWSAzureCloudFirewallsGoJavaJavaScriptPythonSDLCTerraformTypeScript

About the role

  • Identify and help remediate application security vulnerabilities, ensuring compliance with industry standards and best practices.
  • Integrate and maintain security tooling in CI/CD (SAST, SCA, DAST, container and secrets scanning) and collaborate with developers to tune signal vs noise.
  • Assist in the configuration and management of security tools (e.g. DLP, SIEM, CNAPP, Cloud Security Posture Management tools).
  • Configure and tune security monitoring and alerting (log sources, detection rules, dashboards) to reduce false positives and improve actionable signal
  • Participate in threat modeling and secure design reviews for new and existing applications
  • Participate in incident response activities, including containment, eradication, and recovery efforts.
  • Work continuously with cross-functional teams (engineering, DevOps, product, QA) to embed security controls and guidance throughout the SDLC (“shift left”).
  • Contribute to securing AI/ML/LLM related technologies (prompt injection defenses, output filtering, API key/secret protection, data minimization, monitoring for misuse)
  • Automate repetitive security tasks and reporting where possible (scripts, pipeline jobs, policy-as-code)
  • Support the implementation of security policies, procedures, and standards.
  • Stay up-to-date with the latest security trends, threats, and technology advancements.

Requirements

  • 1–3 years combined experience in software development and/or application or cloud security.
  • Ability to read and reason about code in at least one of: Python, Java, JavaScript/TypeScript, Go, or C#.
  • Understanding of Application Security principles and web application vulnerabilities such as OWASP Top 10, their risk and remediations
  • Basic understanding of cloud computing principles and services (e.g., AWS, Azure, Google Cloud).
  • Exposure to security tools such as firewalls, intrusion detection systems, and vulnerability scanners.
  • Strong communication and teamwork skills.
  • Detail-oriented with a proactive approach to identifying and mitigating security risks.